IP SLA Reporting to HPOV

Unanswered Question
May 28th, 2009

I need to use IP SLA on my ASA to monitor the availability of a particular host. If the host goes unreachable the IP SLA will remove the route and a secondary route on my network will be used. I'm trying to find out if it's possible to have the IP SLA config report back to hpov when this happens.

Thank you for your replies.

jkl1972 Thu, 05/28/2009 - 05:59

Thank you for the reply but unfortunately I don't think this will work. Sounds really cool but I don't think it's a fit for my topology. My IP SLA pings would be going out a particular interface on my ASA targeting a client network that has equipment colocated in my data center. In the event that this path fails a secondary route would be used which would be through a different firewall and would take a VPN over the Internet back to the client as a secondary path.

Collin Clark Thu, 05/28/2009 - 06:04

Hmmm, do you know when the link fails, does it create a syslog? I think that's about the only way to get it to HPOV.

jkl1972 Thu, 05/28/2009 - 06:09

I'm not sure...I will have to check into that and post back.

jkl1972 Mon, 06/01/2009 - 06:07

Hello Farrukh,

Thank you very much for the information.

Jason

jkl1972 Mon, 06/01/2009 - 11:58

One more question for you if you don't mind... If I'm currently logging on this ASA to a particular local IDS, can I send %PIX-6-622001 syslog messages to a different server altogether? The reason being, I need to get these specific messages down to our HPOV server to generate the email to our helpdesk for notification.

Farrukh Haroon Mon, 06/01/2009 - 21:53

Please clarify your requirements, what I understand is:

i) You want to send all syslogs to a syslog server (IDS), btw which IDS is this? (The Cisco IDS does not support syslogs)

ii) You want to send ONLY specific messages to the HPOV?

If this is correct, then I don't think this would be possible on the ASA, as you would associate a SINGLE logging list for the 'trap' method. You could perhaps use email notification for HPOV? Or use another syslog forwarder like KIWI to achieve this (but this would cause a lot of resource waste).

This is a configuration link:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#use

Regards

Farrukh

jkl1972 Tue, 06/02/2009 - 03:15

We currently log all activity on the ASA to a non Cisco IDS that sits local to the ASA. Any type of event trap goes to our HPOV server that is at another data center. What I'm trying to do is get this one type of syslog message for the lost tracked route to go to our hpov server.

Farrukh Haroon Tue, 06/02/2009 - 12:11

As I said earlier, you can't make two filter lists for the syslog (trap) destination. You have to use email, snmp traps or something for one and syslog for the other. Or use an external syslog replay server to send events to both the IPS and HPOV.

Regards

Farrukh
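The external-server approach suggested above, sketched as an added example (not code from the thread or from Cisco): a small UDP relay that resends every ASA syslog datagram to the IDS and only the %PIX-6-622001 tracked-route messages to HPOV. All addresses, the listen port and the sample log lines are constructed placeholders.

```python
import re
import socket

# Assumed placeholder addresses (documentation ranges), not values from the thread.
ASA_ADDR = "192.0.2.1"                # only datagrams from this source are relayed
IDS_ADDR = ("192.0.2.10", 514)        # local IDS: receives every message
HPOV_ADDR = ("198.51.100.20", 514)    # HPOV server: receives selected IDs only
HPOV_IDS = {"622001"}                 # message ID named in the thread

# Cisco message tag, e.g. %PIX-6-622001: or %ASA-6-622001:
TAG = re.compile(rb"%(?:PIX|ASA)-\d-(\d{6}):")

def message_id(datagram: bytes):
    """Return the six-digit message ID from the tag, or None if no tag is present."""
    m = TAG.search(datagram)
    return m.group(1).decode() if m else None

def destinations(datagram: bytes):
    """Everything goes to the IDS; only IDs listed in HPOV_IDS also go to HPOV."""
    dests = [IDS_ADDR]
    if message_id(datagram) in HPOV_IDS:
        dests.append(HPOV_ADDR)
    return dests

def relay(listen=("0.0.0.0", 5514)):
    """Receive syslog over UDP and fan it out. UDP syslog is unauthenticated,
    so datagrams from any source other than the ASA are dropped."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(listen)
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    while True:
        data, (src_ip, _port) = rx.recvfrom(8192)
        if src_ip != ASA_ADDR:
            continue
        for dest in destinations(data):
            tx.sendto(data, dest)

# Constructed sample datagrams (not captured from a real device).
SAMPLES = [
    b"<166>%PIX-6-622001: Removing tracked route 10.20.0.0 255.255.0.0 "
    b"192.0.2.254, distance 1, table Default-IP-Routing-Table, on interface outside",
    b"<166>%PIX-6-302013: Built outbound TCP connection 101 for outside:"
    b"203.0.113.5/80 to inside:10.1.1.5/4431",
    # The digits 622001 appear in the body here, but the tag is 106023.
    b"<164>%PIX-4-106023: Deny tcp src outside:203.0.113.5/4431 dst "
    b'inside:10.1.1.5/80 by access-group "acl622001"',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(message_id(line), destinations(line))
```

Messages forwarded this way arrive at HPOV with the relay's source address rather than the ASA's, so any HPOV rule keyed on the sending device has to match the relay.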
